  • Stars: 145
  • Rank: 248,969 (Top 5 %)
  • Language: Python
  • License: Apache License 2.0
  • Created about 8 years ago
  • Updated almost 4 years ago

Repository Details

A workshop on Packet Crafting using Scapy.

The Art of Packet Crafting with Scapy

Online notes for this workshop are available at https://scapy.disruptivelabs.in/

The virtual machine for the workshop is available at https://archive.org/details/pysos_class3_labs_32bit.7z

Documentation is tracked in the documentation branch. If you want to contribute to the documentation, make your changes on the documentation branch and raise a PR.

Prerequisites

  • A little programming experience in some language, not necessarily Python, is preferable (enough to know what a "variable" or an "if statement" is).
  • Linux command-line skills are necessary, but we'll pick them up in the workshop (usage of commands like cd, ls, grep, less...).
  • You must know basic networking concepts (enough to know what an IP address, a port number, the OSI model etc. are).

Overview

  • This is an intense workshop on crafting packets using Python and Scapy.
  • We'll explore Scapy and craft packets using the framework.
  • We'll leverage Scapy as a framework to build custom network tools/utilities.

Objective

  • The objective is to understand network programming abstractions, use raw sockets and Scapy to craft packets, and improvise in the network reconnaissance phase.
  • We will work on practical network reconnaissance techniques like host discovery, service discovery, remote OS fingerprinting and promiscuous node detection.
  • We'll learn how to launch Layer 2 attacks, along with detection techniques for these attacks.
  • We'll leverage Scapy to build custom tools/utilities such as sniffers, pcap analysers, Wi-Fi scanners and simple honeypots.

Environment & Labs

Mysterious boxes

A network with a bunch of machines is provided, where the audience's task is to find out as much as they can about the network, machines and security policies using Scapy. One of the machines on this network is a pre-packaged VM, with all the packages needed for attacking installed, that we'll use as the attacker box; the other machines act as victims.

Network Hunting - CTF

A mini-CTF on a Software Defined Network. The audience's task is to crack a set of challenges, circumvent security measures, subvert systems and perform network attacks to find and obtain the flag.

More Repositories

  1. censys-enumeration (Python, 150 stars): A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys
  2. domains-from-csp (Python, 104 stars): A script to extract domain names from Content Security Policy (CSP) headers
  3. slurp (Go, 88 stars): A blazing fast & feature rich Amazon S3 bucket enumerator.
  4. slurp-old (Go, 80 stars): A tool to enumerate S3 buckets manually or via certstream
  5. assets-from-spf (Python, 77 stars): A Python script to parse net blocks & domain names from SPF record
  6. hardware-hacking-for-software-folks (39 stars)
  7. datasploit (Python, 26 stars): Utilizing various Open Source Intelligence (OSINT) tools and techniques that we have found to be effective, DataSploit brings them all into one place, correlates the raw data captured and gives the user all the relevant information about the domain/email/phone number/person, etc. It allows you to collect relevant information about a target which can expand your attack/defence surface very quickly. Sometimes it might even pluck the low hanging fruits for you without even touching the target and give you quick wins. More documentation here: http://datasploit.readthedocs.io/en/latest/.
  8. scapy-scripts (Python, 13 stars): A collection of scapy scripts, mostly security stuff.
  9. python-network-programming (7 stars): A workshop on network programming using the Python language.
  10. nic.in-subdomain-tracker (7 stars): A repo to track subdomains of nic.in
  11. Effective-OpenSSH-Client-Usage-Workshop (HTML, 6 stars): A workshop on using OpenSSH client suite effectively
  12. ctlog-utilities (Python, 6 stars): Quick and dirty utilities I scribbled while digging through Certificate Transparency logs using crt.sh
  13. GoI-subdomains-directory (4 stars): List of subdomains/web apps by Government of India (GoI).
  14. talks (3 stars): Collection of slides/presentations from various talks that I have given in the past.
  15. understanding-wmi (CSS, 2 stars): Repo for "Understanding WMI" talk given at Null, Bangalore March 10th 2018
  16. dotfiles (2 stars): A collection of personal dotfiles. i3wm, zsh and Dell XPS 13 9350
  17. dns-for-penetration-testers-nullblr (CSS, 2 stars): DNS for penetration testers talk given at Nullblr June 2017.
  18. yamakira.github.io (JavaScript, 2 stars): personal website/blog - http://disruptivelabs.in
  19. pyliners (2 stars): A collection of Python one-liners
  20. python-for-system-administration (Shell, 2 stars): A workshop on using Python language for system administration
  21. python-foundations (Python, 1 star): Online notes for this workshop are available at -
  22. protocols-for-penetration-testers (1 star): A meta repository to keep track of information about series of workshops, titled "Protocols for Penetration Testers"
  23. insecuredns (1 star): insecuredns is a damn vulnerable DNS server to demonstrate common vulnerabilities in DNS implementations
  24. fuzzdb (PHP, 1 star): Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.